<?php
/**
 * author:wang
 * mail:970633164@qq.com
 */

define("PHP_IN", true);
require "../include/init.php";

if (isset($_POST['dosubmit'])) {
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
    $imgcode = trim($_POST['word_imgcode']);
    session_start();
    if(!isset($_POST['word_imgcode']) || $imgcode != $_POST['word_imgcode']){
        alert("验证码错误！");
    }

    if ($username == "" || $password == "") {
        alert("用户名密码不能为空");
    }

    $password_md5 = md5($password);

    $sql = "SELECT * FROM admin WHERE username = '$username' AND password = '$password_md5' LIMIT 1";
    $result = $db->query($sql);
    if ($result && $db->num_rows($result)) {
        $admin =$db->fetch_one($result);

        $_SESSION['adminid']=$admin['adminid'];

        $lastlogin = time();
        $lastip = $_SERVER['REMOTE_ADDR'];

        $sql = "UPDATE admin SET lastlogin='$lastlogin',lastip='$lastip' WHERE adminid=".$admin['adminid'];
        $db->query($sql);
        header("Location:index.php");
    } else {
        alert("用户名密码不正确");
    }
}

$smarty->setTemplateDir(ROOT_PATH."cms/templates");        //配置smarty
$smarty->setCompileDir(ROOT_PATH."cms/templates/templates_c");
$smarty->setLeftDelimiter("<{");
$smarty->setRightDelimiter("}>");

$smarty->display("login.tpl");
$db->close();

?>

